-LRB- CNN -RRB- -- Last week the news broke that the world 's largest permissions-based e-mail marketing company , Epsilon , had been hacked -- compromising the security of an unknown number of e-mail addresses and names . Major companies with millions of customers , such as JP Morgan Chase and Target , sent e-mail notices alerting customers of the breach .

CNN 's John Sutter explained that the main problem consumers face from this breach is an increased risk of targeted `` phishing '' attempts -- `` a sneakier and more sinister version of spam ... fake e-mails that try to look real because the scammer knows something about you . ''

Recent research from Trusteer , an internet security firm , indicates that mobile users may be three times more likely to fall victim to e-mail phishing attempts .

This is becoming increasingly important since recent ComScore research shows that more Americans are shifting their e-mail use to their mobile devices . Also , recent statistics from Nielsen indicate that U.S. mobile users spend more time on their phones doing e-mail than using Facebook .

In January , Trusteer analyzed the `` log files '' -LRB- access records -RRB- of several Web servers that had hosted phishing sites . The records showed how many users accessed these nefarious sites , when they visited them , whether they entered their account login information and which devices they used to access the sites .

Here 's what Trusteer learned :

1 . Mobile users typically arrive first after the phishing e-mails are sent out . `` This makes sense since mobile users are ` always on ' and are most likely to read e-mail messages as soon as they arrive . Meanwhile , desktop users only read messages when they have access to their computer , '' wrote Trusteer CEO Mickey Boodaei .

`` Also , most fraudulent e-mails call for immediate action . For example , they usually claim that suspicious activity has been detected in the user 's account and that immediate action is required . Most victims who fall for this ploy will visit the phishing site quickly . ''

This is crucial , since internet providers and web hosts watch for phishing-style activity on their networks and often act quickly to block phishing sites .

In a Marketplace Tech Report interview , internet security expert Anup Ghosh warned that one of the most insidious parts of e-mail phishing is that the fake alert e-mail might actually say the company is notifying you in response to a recent publicized security breach -- that is , the one they perpetrated . `` It 's a perfect cover , '' Ghosh noted .

2 . Mobile users are three times more likely than desktop users to enter login information . The good news is that most people -LRB- mobile or not -RRB- do n't enter any login information when they land on a phishing site . But among those who do , mobile users clearly were more likely to take this step into the phishing trap .

3 . iPhone users are eight times more likely than BlackBerry users to access phishing sites . According to ComScore 's latest figures , there are still more BlackBerry phones than iPhones in use in the U.S. market . According to Boodaei , it 's `` equally difficult to spot phishing websites on BlackBerry and iPhone devices . ''

So why the disparity ? Boodaei speculates that many BlackBerry users are business users who were issued their BlackBerry by their employer , ostensibly with at least some security training . In contrast , the iPhone is overwhelmingly a consumer device .

How to protect yourself : Be skeptical of any e-mails that claim to come from companies that you do business with . Although phishing attempts are most likely immediately after a data breach , they can occur weeks or months later . So remain vigilant . Logos , e-mail addresses , and other visual clues to authenticity can be faked .

Never click a link in an e-mail message that you do n't trust 100 % . Many web browsers -LRB- including mobile browsers -RRB- can be `` infected '' by malicious code just by accessing a website . But if you do click a link in an e-mail , make sure you never enter personal information on the resulting website .

If you receive what may be a phishing attempt and have questions about whether your account may have been compromised , do this : Open a fresh Web browser window -LRB- on your computer or phone -RRB- , access the real website of the company in question and log in to your account that way . Then check whether they 've issued any security alerts .

Or just look up the company 's phone number and call them , an action that 's especially easy from your mobile phone . Just make sure you do n't just call whatever phone number is listed in the e-mail message .

The opinions expressed in this post are solely those of Amy Gahran .

@highlight

Epsilon , the largest permissions-based e-mail marketing company , was hacked

@highlight

Mobile users are more at risk of falling prey to phishing scams , according to a security firm

@highlight

Users should be skeptical of e-mails from companies they do business with